Difference between revisions of "X-Payments:KOUNT Antifraud screening"

From X-Payments Help
Jump to: navigation, search
(Created page with "<noinclude>{{XP_manual_TOC}}</noinclude> __NOTOC__ To help you protect your business against fraud, X-Payments 2.1 provides integration with a powerful fraud detection and p...")
 
(24 intermediate revisions by one other user not shown)
Line 3: Line 3:
 
__NOTOC__
 
__NOTOC__
  
To help you protect your business against fraud, X-Payments 2.1 provides integration with a powerful fraud detection and prevention solution by [http://www.kount.com/?utm_source=x-cart&utm_medium=home&utm_campaign=partner Kount]. Kount delivers an all-in-one, SaaS model fraud and risk management platform for merchants operating in card-not-present (CNP) environments and looking to root out fraudsters and increase revenue. For each transaction, Kount’s real-time "decisioning" engine analyzes hundreds of relevant variables and activity across the globe. Kount applies a multitude of proven and patented technologies including Multi-layered Device Fingerprinting®, Proxy Piercer® geolocation tools, statistical scoring, rules-based fraud detection, cross-merchant linking, and Persona behavioral modeling. Kount's proprietary technology has reviewed hundreds of millions of transactions and provides maximum protection for some of the world's best-known brands.
+
To help you protect your business against fraud, X-Payments versions 2.1 and later provide integration with a powerful fraud detection and prevention solution by [http://www.kount.com/?utm_source=x-cart&utm_medium=home&utm_campaign=partner Kount]. Kount delivers an all-in-one, SaaS model fraud and risk management platform for merchants operating in card-not-present (CNP) environments and looking to root out fraudsters and increase revenue. For each transaction, Kount’s real-time "decisioning" engine analyzes hundreds of relevant variables and activity across the globe. Kount applies a multitude of proven and patented technologies including Multi-layered Device Fingerprinting®, Proxy Piercer® geolocation tools, statistical scoring, rules-based fraud detection, cross-merchant linking, and Persona behavioral modeling. Kount's proprietary technology has reviewed hundreds of millions of transactions and provides maximum protection for some of the world's best-known brands.
 
+
<br /><br />
For more information or to request a personal demo of Kount, contact Kyle Allred at KBA@Kount.com or call 208-489-2773.
+
To start using Kount for online payment fraud screening in X-Payments, complete the following steps:<br />
 
+
# Sign up for a Merchant account with Kount at [http://www.kount.com/?utm_source=x-cart&utm_medium=home&utm_campaign=partner http://www.kount.com]. You will be provided with some credentials that you will need to configure Kount fraud screening in X-Payments: your Merchant ID and your Site ID. Take note of this information.<br />
To start using Kount for online payment fraud screening in X-Payments, complete the following steps:
+
# In the Kount Agent Web Console (AWC), create your API Key(s).<br />[[File:Kount_api_keys.png|668px|border]]<br />API Keys are required to authenticate to Kount. Note that Kount has separate environments for testing and production, and API Keys must be created and used for each of the environments separately. Kount's instructions for creating API Keys can be found here: [https://support.kount.com/s/article/Create-an-API-Key https://support.kount.com/s/article/Create-an-API-Key].<br />
# Sign up for a Merchant account with Kount at [http://www.kount.com/?utm_source=x-cart&utm_medium=home&utm_campaign=partner http://www.kount.com]. You will be provided with some credentials that you will need to configure Kount fraud screening in X-Payments: your Merchant ID and your Site ID. Take note of this information.
+
# In the Kount Agent Web Console (AWC), adjust credit card validation rules for your online store.<br />
# Go to the desired Kount Agent Web Console (AWC), test or production, and request your Public certificate and Private key. You will need to convert the files to .PEM format and set your private key passphrase. Kount will provide detailed instructions for that.
+
# Log in to X-Payments and locate the payment configuration for which you want to use Kount fraud screening. For the sake of example, we are going to enable KOUNT for the payment configuration "First Data Payeezy Gateway (ex- Global Gateway e4)".<br />[[File:Firstdata_pconf.png|668 px|border]]<br />Open the details of the chosen payment configuration for editing.
# Upload the public certificate and private key files to the directory <xp-dir>/var/certs/kount/ within your X-Payments installation.
+
# In the payment configuration details, check the '''Antifraud service''' setting. If you haven't been using any antifraud service for the current payment configuration so far, this field will be set to "Not enabled".<br />[[File:Antifraud_service.png|668 px|border]]<br />Reset this field to "KOUNT Antifraud screening".<br />[[File:Kount_selected.png|668 px|border]]<br />Click '''Save''' to save the changes.<br />
# Edit some Kount related code in the file <xp-dir>/.htaccess to enable Kount to work. For details, see [[#Kount related settings in <xp-dir>/.htaccess|Kount related settings in <xp-dir>/.htaccess]].
+
# Configure KOUNT for the current payment configuration:
# In the AWC, adjust credit card validation rules for your online store.
+
## Click <u>Configure</u>.<br />[[File:Kount_configure.png|668px|border]]<br />The KOUNT settings page for the current payment configuration opens:<br />[[File:Firstdata_kount.png|668 px|border]]<br />
# Log in to X-Payments and locate the payment configuration for which you want to use Kount fraud screening.
+
## Adjust the KOUNT settings:<br />[[File:Xp_kount_settings.png|668px|border]]<br />
# Go to the 'KOUNT Antifraud screening settings' page for this payment configuration by clicking the "KOUNT Antifraud screening: <u>Configure</u>" link:<br />
+
##* '''Status''' (Not configured / Enable / Disable): This setting indicates whether KOUNT module is active. For now just leave it as is. After you provide the rest of the required settings (below) and save the changes, KOUNT module will be enabled automatically. You will then be able to use this setting to disable/re-enable KOUNT for your current payment configuration as you require.
#* On the 'Payment configurations' page (Settings -> Payment configurations) you can find this link here:<br />[[File:Kount_configure1.png|border]]
 
#* On the 'Payment configuration details' page it is here:<br />[[File:Kount_configure2.png]]
 
# Use the 'KOUNT Antifraud screening settings' page for the selected payment configuration to configure your Kount integration module:<br />[[File:Kount_settings.png|border]]
 
## Adjust the following settings:
 
 
##* '''Merchant ID''': Specify your Merchant ID as was provided to you by Kount.
 
##* '''Merchant ID''': Specify your Merchant ID as was provided to you by Kount.
 
##* '''Site ID''': Specify your Site ID.
 
##* '''Site ID''': Specify your Site ID.
##* '''Public certificate file name''': Specify your public certificate file name.
 
##* '''Private key file name''': Specify your private key file name.
 
##* '''Private key passphrase''': Specify your private key passphrase.
 
 
##* '''Test/Live mode''': Use this to set the operation mode for Kount fraud screening service - ''Test'' or ''Live''. For access to the Kount AWC in Live mode use the address https://awc.kount.net, in Test mode - the address https://awc.test.kount.net.
 
##* '''Test/Live mode''': Use this to set the operation mode for Kount fraud screening service - ''Test'' or ''Live''. For access to the Kount AWC in Live mode use the address https://awc.kount.net, in Test mode - the address https://awc.test.kount.net.
##* '''Description of products''': Common name of the products sold by your store.
+
##* '''Description of products''': Common name of the products sold by your store.<br />
## When you are done adjusting all the fields, click '''Save''' to save the changes.
+
##* '''Mode for RIS update request''': Choose one of the available options (''X: Update data and re-validate transaction against rules'' or ''U: Update transaction data only''). Mode X is recommended if rules are based on the AVS information returned from the payment gateway. Note that additional charges may apply for Mode X.  
# Enable Kount fraud screening for the selected payment configuration: On the 'KOUNT Antifraud screening settings' page for your selected payment configuration, click the '''Disabled''' button located near the top of the page close to the title "Payment configuration: <Payment configuration name> KOUNT Antifraud screening", and select the action ''Enable'' from the button menu:<br />[[File:Kount_enable.png|border]]<br />Once the button switches to '''Enabled''', Kount screening for the selected payment configuration will be enabled.
+
##* '''API key''': Enter the API key you have created in the AWC. It will be used for authentication.<br />Note that Kount API has been updated and, starting with X-Payments 3.1.4, Kount certificates (RIS Certificates) are no longer supported. You must use an API key. You must also obtain a Configuration key for the field below. 
<br />
+
##* '''Configuration key''': Specify your Configuration key; this one needs to be obtained from Kount.
Once Kount antifraud screening has been configured and enabled for a specific payment configuraton, any new payment transactions for this payment configuration will be screened by Kount, and you will be able to view the screening results on the Payment details page:
+
## Click '''Save''' to save your settings.
::[[File:Kount_results.png|border]]
+
# Make sure Kount fraud screening is enabled:<br />[[File:Kount_enabled.png|668px|border]]<br />
<br />
 
In X-Cart stores, it is also possible to view the results of screening by Kount in the order details via the store's back end. On the order details page, you will need to click the <u>View payment information</u> link:
 
::[[File:View_payment_info_Kount_results.png]]
 
Kount screening results will be displayed in a popup window:
 
::[[File:Kount_xc_results.png|border]]
 
<br /><br />
 
===Kount related settings in <xp-dir>/.htaccess===
 
The file <xp-dir>/.htaccess contains the following code:
 
<pre>
 
#
 
# Kount related
 
#
 
<IfModule mod_rewrite.c>
 
    RewriteEngine On
 
 
 
    RewriteBase /xpayments/
 
 
 
    RewriteCond %{REQUEST_FILENAME} !-f
 
    RewriteCond %{REQUEST_FILENAME} !-d
 
    RewriteCond %{REQUEST_FILENAME} !-l
 
    RewriteRule ^public/secure-logo.htm$ payment.php?target=kount&action=redirect&token=$1 [L,QSA]
 
    RewriteRule ^public/secure-logo.gif$ payment.php?target=kount&action=redirect&token=$1 [L,QSA]
 
</IfModule>
 
</pre>
 
In this code, the RewriteBase value is hardcoded as "/xpayments/". To allow Kount to work, you need to edit this line replacing "/xpayments/" with the actual path to your X-Payments installation relative to web root.<br />
 
  
''Examples:''<br />
+
Once Kount antifraud screening has been configured and enabled for a specific payment configuration, any new payment transactions for this payment configuration will be screened by Kount.<br /><br />'''Important:''' Kount will not screen transactions made using a previously saved credit card.<br /><br />In the store where the transaction originated, the order to which the transaction pertains will be marked with an icon. For example, here's an order list from an X-Cart 5 based online store with an order of Aug 30, 2018 screened by Kount:<br />
:{| width="70%"
+
::[[File:Kount_orderlist.png|668px|border]]<br />
! align="left"| If your X-Payments is installed at...
+
If Kount can identify a transaction as potentially fraudulent, it will provide a warning so you can decide whether you wish to accept or decline this transaction. Here's what it looks like on the payment details page in X-Payments:
! the default RewriteBase value should be:
+
::[[File:Kount_warning.png|668px|border]]<br />
|-valign="top"
+
A similar warning appears in the store. For example, here's what it looks like in an X-Cart 5 store:
| style="width: 50%;" | www.example.com/xpayments
+
::[[File:Kount_warning_xc.png|668px|border]]<br />  
| style="width: 50%;" | "/xpayments/" (i.e., the default value)<br />&nbsp;
+
You will be able to view the results of screening by Kount on the Payment details page in X-Payments:
|-valign="top"
+
::[[File:Kount_passed.png|668px|border]]
| style="width: 50%;" | www.example.com
+
It is also possible to view the results of screening by Kount on the order details page in the store:
| style="width: 50%;" | "/" (single slash)<br />&nbsp;
+
::[[File:Kount_results_xc.png|668px|border]]
|-valign="top"
 
| style="width: 50%;" | www.example.com/some/directory/path
 
| style="width: 50%;" | "/some/directory/path/"<br />&nbsp;
 
|}
 
  
Note that, in all cases, RewriteBase values should be entered without quotation marks.
 
<br />
 
  
 
[[Category:X-Payments User Manual]]
 
[[Category:X-Payments User Manual]]

Revision as of 12:28, 22 April 2019

X-Payments user manual
  1. X-Payments:General information
  2. What's New
  3. System requirements
  4. Installation
  5. Two-factor user authentication
  6. Configuring X-Payments
  7. Managing users
  8. Customizing the interface
  9. Managing payments
  10. Unistalling X-Payments
  11. Upgrading
  12. Moving X-Payments from one host to another
  13. Viewing X-Payments logs
  14. FAQ
  15. Troubleshooting
  16. Glossary
  17. Supported payment gateways
  18. Popular Payment Methods Configuration Instructions


To help you protect your business against fraud, X-Payments versions 2.1 and later provide integration with a powerful fraud detection and prevention solution by Kount. Kount delivers an all-in-one, SaaS model fraud and risk management platform for merchants operating in card-not-present (CNP) environments and looking to root out fraudsters and increase revenue. For each transaction, Kount’s real-time "decisioning" engine analyzes hundreds of relevant variables and activity across the globe. Kount applies a multitude of proven and patented technologies including Multi-layered Device Fingerprinting®, Proxy Piercer® geolocation tools, statistical scoring, rules-based fraud detection, cross-merchant linking, and Persona behavioral modeling. Kount's proprietary technology has reviewed hundreds of millions of transactions and provides maximum protection for some of the world's best-known brands.

To start using Kount for online payment fraud screening in X-Payments, complete the following steps:

  1. Sign up for a Merchant account with Kount at http://www.kount.com. You will be provided with some credentials that you will need to configure Kount fraud screening in X-Payments: your Merchant ID and your Site ID. Take note of this information.
  2. In the Kount Agent Web Console (AWC), create your API Key(s).
    Kount api keys.png
    API Keys are required to authenticate to Kount. Note that Kount has separate environments for testing and production, and API Keys must be created and used for each of the environments separately. Kount's instructions for creating API Keys can be found here: https://support.kount.com/s/article/Create-an-API-Key.
  3. In the Kount Agent Web Console (AWC), adjust credit card validation rules for your online store.
  4. Log in to X-Payments and locate the payment configuration for which you want to use Kount fraud screening. For the sake of example, we are going to enable KOUNT for the payment configuration "First Data Payeezy Gateway (ex- Global Gateway e4)".
    Firstdata pconf.png
    Open the details of the chosen payment configuration for editing.
  5. In the payment configuration details, check the Antifraud service setting. If you haven't been using any antifraud service for the current payment configuration so far, this field will be set to "Not enabled".
    Antifraud service.png
    Reset this field to "KOUNT Antifraud screening".
    Kount selected.png
    Click Save to save the changes.
  6. Configure KOUNT for the current payment configuration:
    1. Click Configure.
      Kount configure.png
      The KOUNT settings page for the current payment configuration opens:
      Firstdata kount.png
    2. Adjust the KOUNT settings:
      Xp kount settings.png
      • Status (Not configured / Enable / Disable): This setting indicates whether KOUNT module is active. For now just leave it as is. After you provide the rest of the required settings (below) and save the changes, KOUNT module will be enabled automatically. You will then be able to use this setting to disable/re-enable KOUNT for your current payment configuration as you require.
      • Merchant ID: Specify your Merchant ID as was provided to you by Kount.
      • Site ID: Specify your Site ID.
      • Test/Live mode: Use this to set the operation mode for Kount fraud screening service - Test or Live. For access to the Kount AWC in Live mode use the address https://awc.kount.net, in Test mode - the address https://awc.test.kount.net.
      • Description of products: Common name of the products sold by your store.
      • Mode for RIS update request: Choose one of the available options (X: Update data and re-validate transaction against rules or U: Update transaction data only). Mode X is recommended if rules are based on the AVS information returned from the payment gateway. Note that additional charges may apply for Mode X.
      • API key: Enter the API key you have created in the AWC. It will be used for authentication.
        Note that Kount API has been updated and, starting with X-Payments 3.1.4, Kount certificates (RIS Certificates) are no longer supported. You must use an API key. You must also obtain a Configuration key for the field below.
      • Configuration key: Specify your Configuration key; this one needs to be obtained from Kount.
    3. Click Save to save your settings.
  7. Make sure Kount fraud screening is enabled:
    Kount enabled.png

Once Kount antifraud screening has been configured and enabled for a specific payment configuration, any new payment transactions for this payment configuration will be screened by Kount.

Important: Kount will not screen transactions made using a previously saved credit card.

In the store where the transaction originated, the order to which the transaction pertains will be marked with an icon. For example, here's an order list from an X-Cart 5 based online store with an order of Aug 30, 2018 screened by Kount:

Kount orderlist.png

If Kount can identify a transaction as potentially fraudulent, it will provide a warning so you can decide whether you wish to accept or decline this transaction. Here's what it looks like on the payment details page in X-Payments:

Kount warning.png

A similar warning appears in the store. For example, here's what it looks like in an X-Cart 5 store:

Kount warning xc.png

You will be able to view the results of screening by Kount on the Payment details page in X-Payments:

Kount passed.png

It is also possible to view the results of screening by Kount on the order details page in the store:

Kount results xc.png